-
Notifications
You must be signed in to change notification settings - Fork 1
/
gen_keys
63 lines (56 loc) · 2.41 KB
/
gen_keys
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/bin/bash
# ENV
mkdir -p /home/$USER/.android-certs/
hash="-sha256"
# Cert keys
subject="/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]"
for cert in $(cat _data/cert_keys.txt); do
key_platform="/home/$USER/.android-certs/${cert}.pem"
cert_file="$(pwd)/${cert}.x509.pem"
if [ ! -f ${key_platform} ]; then
openssl genrsa -f4 4096 > ${key_platform} 2>/dev/null
fi
if ! openssl x509 -checkend 86400 -noout -in ${cert_file} &> /dev/null; then
openssl req -new -x509 ${hash} -key ${key_platform} -out ${cert_file} -days 10000 -subj "$subject"
openssl pkcs8 -in ${key_platform} -topk8 -outform DER -out $(pwd)/${cert}.pk8 -nocrypt
fi
done
# Apex keys
for apex in $(cat _data/apex_keys.txt); do
subject="/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=${apex}/[email protected]"
key_apex="/home/$USER/.android-certs/${apex}.pem"
cert_file="$(pwd)/${apex}.certificate.override.x509.pem"
if [ ! -f ${key_apex} ]; then
openssl genrsa -f4 4096 > ${key_apex} 2>/dev/null
fi
if ! openssl x509 -checkend 86400 -noout -in ${cert_file} &> /dev/null; then
openssl req -new -x509 ${hash} -key ${key_apex} -out ${cert_file} -days 10000 -subj "$subject"
openssl pkcs8 -in ${key_apex} -topk8 -outform DER -out $(pwd)/${apex}.certificate.override.pk8 -nocrypt
fi
done
# Generate Makefiles
echo "// DO NOT EDIT THIS FILE MANUALLY" > Android.bp
for apex in $(cat _data/apex_keys.txt); do
echo "" >> Android.bp
echo "android_app_certificate {" >> Android.bp
echo " name: \"${apex}.certificate.override\"," >> Android.bp
echo " certificate: \"${apex}.certificate.override\"," >> Android.bp
echo "}" >> Android.bp
done
echo "# DO NOT EDIT THIS FILE MANUALLY" > keys.mk
echo "" >> keys.mk
echo "PRODUCT_CERTIFICATE_OVERRIDES := \\" >> keys.mk
apexes=($(cat _data/apex_keys.txt))
last_index=$(( ${#apexes[@]} - 1 ))
for index in "${!apexes[@]}"; do
apex=${apexes[$index]}
if [ $index -eq $last_index ]; then
echo " ${apex}:${apex}.certificate.override" >> keys.mk
else
echo " ${apex}:${apex}.certificate.override \\" >> keys.mk
fi
done
echo "" >> keys.mk
echo "PRODUCT_DEFAULT_DEV_CERTIFICATE := vendor/droidx-priv/keys/releasekey" >> keys.mk
# Delete files and directories after key generation
rm -rf .git .gitignore _data README.md gen_keys